An autonomous AI agent operated by an OpenAI employee sent roughly $441,780 worth of LOBSTAR tokens to an X user identified as “Treasure David” after the recipient requested 4 SOL. The transfer became a high-visibility example of how a small intent can become a large on-chain outcome when automation misreads a live wallet interface.
According to on-chain records and confirmations attributed to the agent operator, the agent (“Lobstar Wilde”) misinterpreted a Solana user interface and transmitted 52.4 million LOBSTAR tokens instead of the intended 52,439. The recipient sold a portion within about 15 minutes and reportedly realized roughly $40,000, quickly crystallizing part of the loss into market activity.
Just gave my Lobstar a crypto wallet with 50 grand worth of sol in it. Told him make no mistakes.
Gonna get him his own twitter account so he can share his journey to becoming a millionaire
— pash (@pashmerepat) February 20, 2026
What went wrong in the workflow
The incident is described as an input-reading failure: a request for 4 SOL triggered a token transfer at an anomalous scale, with the transferred amount valued at close to $442,000 at the time of reporting. The operator later acknowledged the mistake, reinforcing that the event was treated as an execution error rather than a planned disbursement.
Wrote a little retrospective pic.twitter.com/kDYt9yYmXP
— pash (@pashmerepat) February 23, 2026
Reports attribute the root cause to an API/UI mismatch that converted a routine token-level reward into a multi-million-unit token transfer. The system’s reward mechanism was active, yet the transaction appears to have executed without size throttles or multi-step confirmation that could have interrupted an out-of-policy payout.
Controls this incident puts on the table
For trading desks, crypto treasuries, and service operators using autonomous agents, the episode surfaces a familiar failure mode: automation can turn benign instructions into outsized transfers when interface context is ambiguous. The combination of single-path signing authority and absent transfer ceilings materially increases loss exposure when the agent’s interpretation is wrong.
From a governance and custody standpoint, the practical fixes are procedural and technical: impose transaction-size limits, require explicit pre-execution confirmations, and monitor agent activity in real time with accounting-grade reconciliation. Where agents are authorized to sign, segregation of duties and approval gates need to be engineered as default risk controls rather than optional safeguards.
Recovery options are inherently constrained once assets are sold and routed onward, which is why prevention and incident response discipline carry disproportionate value in agent-driven execution. The clean takeaway for compliance and treasury teams is to immediately review agent permissions, thresholds, and audit trails so convenience does not outrun control.